<?php 
// ACCOUNT MANAGEMENT (USER IS LOGGED IN)
// Security: cookie contents can be modified by the client, so we have to ensure they actually hold a valid email/pwd combination.
// That check is made in the header include, so here we only have to look at the boolean $user_connected.


if($user_connected)
{
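// Load the row of the logged-in user into $data.
// The id is read from a client-controlled cookie, so it is bound as a statement
// parameter instead of being concatenated into the SQL text.
// NOTE(review): the header include is described as validating the cookie email/pwd
// pair; whether it also ties $_COOKIE['id'] to that pair is not visible here. Confirm,
// otherwise a client can select another account simply by changing the id cookie.
$reponse = $db->prepare('SELECT * FROM jktrade_users WHERE id = :id');
$reponse->execute(array(
	'id' => isset($_COOKIE['id']) ? $_COOKIE['id'] : null
));
// fetch() yields false when no row matches; consumers of $data must allow for that.
$data = $reponse->fetch();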
	
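// Left-hand column of the account page: greeting, navigation menu and logout form.
// The user name comes from the database and was originally supplied by the user, so it
// is HTML-escaped before being written into the page. An empty name is shown when no
// user row was loaded.
$displayName = (is_array($data) && isset($data['name']))
	? htmlspecialchars((string) $data['name'], ENT_QUOTES, 'UTF-8')
	: '';

// NOTE(review): logout is a plain GET form (op=logout) with no token, so any page can
// trigger it with a link or image request; consider POST plus an anti-CSRF token.
echo'<section id="home" class="home boxed">
		<div class="container">		
			<!-- Text -->
			<div class="four columns">
				<h2 class="title">Hi, '.$displayName.'</h2>
				
				<div class="subtitle">
					<p class="small">
						Nice to see you again. Welcome to your user pannel. 
					</p>
					<div class="manage-menu">
					<a href="../account/" ><i class="fa fa-file-text-o"></i> Summary</a><br/>
					<a href="?action=message"><i class="fa fa-envelope"></i> Messages (0)</a><br/>
					<a href="?action=addproduct"><i class="fa fa-reorder"></i> My products</a><br/>
					<a href="?action=orders"><i class="fa fa-ticket"></i> My orders</a><br/>
					<a href="?action=upgrade"><i class="fa fa-send"></i> Upgrade account</a><br/>
					<a href="?action=settings"><i class="fa fa-wrench"></i> Edit information</a><br/><br/>
					</div>
					<div class="register">
					<form novalidate="novalidate" method="get" action="../" id="register-form" class="register-form"/>
					<input type="hidden" name="op" value="logout" />
					<input value="Log out" class="button" type="submit">
				</form>
				</div>
				</div> <!-- /.subtitle -->
				</div><!-- /.four columns -->
';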

// Default view: no "action" was sent in the query string or in the POST body, so the
// summary panel is rendered. The notifications and the order below are fixed sample
// markup; nothing in this branch reads request or database values.
if (!(isset($_GET['action']) || isset($_POST['action'])))
{
echo'
						<!-- Text -->
			<div class="twelve columns">
				<h2 class="title">Summary</h2>
				
				<div class="subtitle">
					<p class="small">
						Check out everything related to you and your activity on Jönkötrade.
					</p>
				</div> <!-- /.subtitle -->
				
				
					
					<h4>Notifications </h4>
						<div class="user-notification user-success">
						<div class="user-notification-description"><p><i class="fa fa-envelope" style="color: white;"></i><strong>Barack Obama</strong> reviewed your profile.</p></div>
						</div>
														
						<div class="user-notification user-warning">
							<div class="user-notification-description"><p><i class="fa fa-camera-retro" style="color: white;"></i><strong>Profile picture missing</strong> You don\'t have any profile picture yet. <a href="../account/?action=editprofile" class="notification-link">Upload a profile picture</a></p></div>
						</div>
						<div class="user-notification user-tip">
							<div class="user-notification-description"><p><i class="fa fa-envelope" style="color: white;"></i><strong>Vladimir Putin</strong> Sent you a message. <a href="../account/?action=inbox" class="notification-link">Check my Inbox</a></p></div>
						</div><br/>
						
						<h4>Your last orders </h4>
						<div class="user-notification user-success">
						<div class="user-notification-description"><p><i class="fa fa-credit-card" style="color: white;"></i><strong>Samsonite Premium Luggage</strong> (200kr) bought from John Doe. View invoice </p></div>
						</div>
														
						
						
					
				

				
			</div><!-- /.twelve columns -->

		</div> <!-- /.container -->
	</section> <!-- #home -->';

	}// end of summary panel (default view)
	
	// "Add product" view (?action=addproduct): renders the multipart form that posts
	// back to ../account/ with the hidden field action=insertproduct.
	// NOTE(review): the markup contains no anti-CSRF token field, and the maxlength
	// attributes are browser-side hints only; the handler that receives this POST has
	// to enforce both on the server.
	if (isset($_GET['action']) && "addproduct" === $_GET['action'])
{
echo'
						<!-- Text -->
			<div class="twelve columns">
				<h2 class="title">Product management</h2>
				
				<div class="subtitle">
					<p class="small">
						Add a new product
					</p>
				</div> <!-- /.subtitle -->
				
				
					<div class="register">
					<h4>Basic Information </h4>
					<form novalidate="novalidate" enctype="multipart/form-data" method="post" action="../account/" id="register-form" class="register-form">
					<input name="pr_name" id="pr_name" placeholder="Product name" type="text"/>
					<select name="pr_cat" id="pr_cat" placeholder="Product Category">
					<option value="item">Item</option>
					<option value="service">Service</option>
					</select>
					<textarea name="pr_desc" maxlength="200" placeholder="Short product description (max. 200 caracters). This will appear in the product browsing page."></textarea>
					
					<h4>Product details</h4>
					<input name="pr_price" id="pr_price" placeholder="Selling price (KR)" type="text"/>
					<textarea name="pr_largedesc" style="min-height: 400px;" maxlength="5000" placeholder="Long, detailed product description. This will appear in the product overview page. (5000 caracters)"></textarea>
					<h4>Delivery</h4>
					<legend>This area is the place where you would like to meet the customer
					<input name="pr_area" id="pr_area" placeholder="Type an area in Jönköping (ex: Centrum)" type="text"/></legend>
					<label class="none"><input name="pr_paypal" type="checkbox" value="paypal"/> Accept Paypal transaction. The customer will have the choice between paying online or paying you cash when you meet him. <a href="../about/?op=paypal">More information about Paypal transactions.</a></label><br/>
					
					
					<h4>Product picture <input name="pr_mainpic" id="pr_mainpic" type="file"/></h4>
					<legend class="none">This is the main picture of your product which will be displayed as a thumb in the product browse page and featured in the product overview. </legend><br/>
					<input type="hidden" name="action" value="insertproduct" />
					<input type="submit" value="Sell !"/>
					</form>							
					</div>
						
					
				

				
			</div><!-- /.twelve columns -->

		</div> <!-- /.container -->
	</section> <!-- #home -->';

	}// end of if => addproduct
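	// Timestamp bound as pr_publish by the insertproduct handler further down.
	$actualdate = date("Y-m-d H:i:s");

	// IMAGE UPLOAD
	// Stores the uploaded product picture plus a 200x200 variant under uploads/products/
	// and leaves the stored file name in $uploadFilename (null when nothing was accepted).
	//
	// Hardening compared with a plain extension check on the client file name:
	//  - only runs for the insertproduct POST, the one request that uses the result;
	//  - the file must be a genuine HTTP upload whose contents decode as JPEG, GIF or PNG;
	//  - the extension is compared case-insensitively and must agree with the detected type;
	//  - the stored name is built server-side (time + content hash + checked extension),
	//    so no character of the client-supplied name reaches the file system or the database.
	// NOTE(review): uploads/products/ should be served as static files only, with script
	// execution disabled for that directory in the web-server configuration.

	// include ImageManipulator class
	require_once('includes/third-party/ImageManipulator.php');

	// Always defined, so the insert handler never reads an unset variable.
	$uploadFilename = null;

	$isInsertRequest = isset($_POST['action']) && $_POST['action'] === 'insertproduct';

	// A multi-file field (pr_mainpic[]) turns every entry into an array; that shape is not supported.
	if ($isInsertRequest && isset($_FILES['pr_mainpic']) && !is_array($_FILES['pr_mainpic']['error']))
	{
		$upload = $_FILES['pr_mainpic'];

		if ($upload['error'] > 0) {
			echo "Error: " . (int) $upload['error'] . "<br />";
		} else {
			// detected image type => extensions accepted for it
			$allowedTypes = array(
				IMAGETYPE_JPEG => array('jpg', 'jpeg'),
				IMAGETYPE_GIF => array('gif'),
				IMAGETYPE_PNG => array('png'),
			);

			// Only the extension of the client name is read, never the name itself.
			$extension = strtolower(pathinfo((string) $upload['name'], PATHINFO_EXTENSION));

			// getimagesize() inspects the file contents and returns false for non-images.
			$imageInfo = is_uploaded_file($upload['tmp_name']) ? getimagesize($upload['tmp_name']) : false;
			$detectedType = is_array($imageInfo) ? $imageInfo[2] : null;

			$typeAccepted = $detectedType !== null
				&& isset($allowedTypes[$detectedType])
				&& in_array($extension, $allowedTypes[$detectedType], true);

			$contentHash = $typeAccepted ? sha1_file($upload['tmp_name']) : false;

			if ($contentHash !== false) {
				$storedName = time() . '_' . $contentHash . '.' . $extension;

				$manipulator = new ImageManipulator($upload['tmp_name']);
				// full-size copy
				$manipulator->save('uploads/products/' . $storedName);
				// resizing to 200x200
				$manipulator->resample(200, 200);
				// saving the resized copy to the uploads folder
				$manipulator->save('uploads/products/thumb_' . $storedName);

				$uploadFilename = $storedName;
			}
			// A rejected file is ignored without a message, as before; $uploadFilename stays null.
		}
	}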

	
	
	
	
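	// Handler for the submitted add-product form (POST action=insertproduct): inserts one
	// row into jktrade_products through a prepared statement and prints the result panel.
	//
	// Every value is bound as a parameter. Fields missing from the POST body (for example
	// pr_paypal when the checkbox is left unticked) and non-scalar values are bound as
	// NULL instead of raising undefined-index or array-to-string errors.
	// NOTE(review): pr_seller is taken from the client-controlled id cookie; confirm that
	// the header include ties that id to the validated credentials. The request also
	// carries no anti-CSRF token, lengths and the price format are not validated here,
	// and the stored text must be HTML-escaped wherever it is rendered.
	if(isset($_POST['action']) AND $_POST['action']=="insertproduct" ) // Getting the add-product form
{
$params = array();
foreach (array('pr_name', 'pr_price', 'pr_cat', 'pr_desc', 'pr_largedesc', 'pr_area', 'pr_paypal') as $field) {
	$params[$field] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? $_POST[$field] : null;
}
$params['pr_publish'] = $actualdate;
// Set by the image-upload step; stays NULL when no picture was accepted.
$params['pr_mainpic'] = isset($uploadFilename) ? $uploadFilename : null;
$params['pr_seller'] = isset($_COOKIE['id']) ? $_COOKIE['id'] : null;

$req = $db->prepare('INSERT INTO jktrade_products(pr_name, pr_price, pr_cat, pr_desc, pr_largedesc, pr_publish, pr_area, pr_mainpic, pr_seller, pr_paypal) 
										VALUES(:pr_name, :pr_price, :pr_cat, :pr_desc, :pr_largedesc, :pr_publish, :pr_area, :pr_mainpic, :pr_seller, :pr_paypal)');
// execute() returns false on failure when the connection is not in exception mode;
// success is only reported when the row was actually written.
$inserted = $req->execute($params);
$resultTitle = $inserted ? 'Product added!' : 'The product could not be saved.';


echo'
						<!-- Text -->
			<div class="twelve columns">
				<h2 class="title">Product management</h2>
				
				<div class="subtitle">
					<p class="small">
						Add a new product
					</p>
				</div> <!-- /.subtitle -->
				
			
					<div class="register">
					<h4>'.$resultTitle.' </h4>
					
					
					
					
					</div>
						
					
				

				
			</div><!-- /.twelve columns -->

		</div> <!-- /.container -->
	</section> <!-- #home -->';

	}// end of if => insertproduct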
	

}
else // Fake cookies.. EAT MY DICK, HACKER, YOU'RE NOT GONNA MAKE IT
{

}
?>